package cn.com.server.shiro;

import org.apache.log4j.Logger;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.SimpleCredentialsMatcher;

public class CredentialsMatcher extends SimpleCredentialsMatcher{
	
	private Logger logger = Logger.getLogger(CredentialsMatcher.class);
	
    @Override
    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
    	boolean authc = false;
    	try {
    		UsernamePasswordToken utoken=(UsernamePasswordToken) token;
            //获得用户输入的密码:(可以采用加盐(salt)的方式去检验)
            String inPassword = new String(utoken.getPassword());
            //获得数据库中的密码
            String dbPassword = (String) info.getCredentials();
            //进行密码的比对
            authc = this.equals(inPassword, dbPassword);
    	}catch (Exception e) {
    		authc = false;
		}
        if(authc) {
        	logger.debug("密码对比正确");
        }else {
        	logger.debug("密码对比错误");
        }
        return authc;
    }
    
}